The Everything Feed - All Packet Pushers Pods

PP032: Unpacking RPKI for BGP Security

Sep 24, 2024

Explore the urgent need to secure the Border Gateway Protocol (BGP) against hackers and configuration mistakes. Discover the role of Resource Public Key Infrastructure (RPKI) in combating route hijacks and enhancing authenticity in internet routing. Dive into intriguing case studies, like the unintended YouTube access incident, highlighting the complexities of route management. Learn about double Route Origin Authorizations (ROAs) and how collaborative efforts between cybersecurity teams can fortify BGP security. Historical policies and current regulatory pressures also shape the landscape.

36:59

Creator website

AI Summary

AI Chapters

Episode notes

Podcast summary created with Snipd AI

Quick takeaways

BGP's inherent lack of security exposes networks to vulnerabilities like route hijacking, necessitating robust security measures like RPKI.

The disparity in RPKI adoption between the U.S. and Europe highlights challenges and potential benefits of improved routing reliability in interconnected regions.

Deep dives

Understanding BGP and Its Security Risks

BGP, or Border Gateway Protocol, is the framework that facilitates routing across the internet, akin to road signs guiding data packets on their journey. It inherently lacks security features, exposing networks to risks such as route hijacking, where malicious entities assert control over traffic routes they don't own. The podcast discusses various vulnerabilities, including man-in-the-middle attacks and route leaks, which may arise when advertisements are not authenticated. Specific incidents, like significant disruptions caused by misconfigured routing, highlight the necessity for robust security measures in the BGP landscape.

Intro

2min

Understanding BGP: The Internet's Road Signs

6min

The Pitfalls of BGP Routing: A Case Study of YouTube Access

2min

Navigating the Risks of Route Advertisements in Internet Connectivity

3min

Securing BGP with RPKI

14min

Fortifying BGP Security with RPKI

11min

Today on Packet Protector we get into BGP security. BGP is an essential protocol for directing traffic across the Internet, but it wasn’t designed with bad actors in mind, not to mention plain old configuration mistakes. Without additional controls in place, BGP is susceptible to issues such as route leaks and route hijacks that can... Read more »

Get the Snipd
podcast app

Unlock the knowledge in podcasts with the podcast player of the future.

AI-powered
podcast player

Listen to all your favourite podcasts with AI-powered features

Discover
highlights

Listen to the best highlights from the podcasts you love and dive into the full episode

Save any
moment

Hear something you like? Tap your headphones to save it with AI-generated key takeaways

Share
& Export